Commit 7ed7413f authored by tbrehm's avatar tbrehm

Fixed: FS#1149 - Ispconfig(apache) Breaks on bad format SSL certificate

parent e631410a
......@@ -53,6 +53,7 @@ awstats_pl=/usr/lib/cgi-bin/awstats.pl
awstats_buildstaticpages_pl=/usr/share/awstats/tools/awstats_buildstaticpages.pl
php_ini_path_apache=/etc/php5/apache2/php.ini
php_ini_path_cgi=/etc/php5/cgi/php.ini
check_apache_config=y
[dns]
bind_user=root
......
......@@ -376,6 +376,12 @@ $form["tabs"]['web'] = array (
'default' => '20',
'value' => array('10' => 'Medium', '20' => 'High')
),
'check_apache_config' => array (
'datatype' => 'VARCHAR',
'formtype' => 'CHECKBOX',
'default' => 'y',
'value' => array(0 => 'n',1 => 'y')
),
'user' => array (
'datatype' => 'VARCHAR',
'formtype' => 'TEXT',
......
......@@ -73,4 +73,5 @@ $wb["backup_dir_txt"] = 'Backup directory';
$wb["named_conf_local_path_txt"] = 'BIND named.conf.local path';
$wb["php_ini_path_cgi_txt"] = 'CGI php.ini path';
$wb["php_ini_path_apache_txt"] = 'Apache php.ini path';
$wb["check_apache_config_txt"] = 'Test apache configuration on restart';
?>
\ No newline at end of file
......@@ -33,6 +33,12 @@
</select>
</div>
</div>
<div class="ctrlHolder">
<p class="label">{tmpl_var name='check_apache_config_txt'}</p>
<div class="multiField">
{tmpl_var name='check_apache_config'}
</div>
</div>
<div class="ctrlHolder">
<label for="user">{tmpl_var name='web_user_txt'}</label>
<input name="user" id="user" value="{tmpl_var name='user'}" size="40" maxlength="255" type="text" class="textInput" />
......
......@@ -825,6 +825,10 @@ class apache2_plugin {
}
$vhost_file = escapeshellcmd($web_config["vhost_conf_dir"].'/'.$data["new"]["domain"].'.vhost');
//* Make a backup copy of vhost file
copy($vhost_file,$vhost_file.'~');
//* Write vhost file
file_put_contents($vhost_file,$tpl->grab());
$app->log("Writing the vhost file: $vhost_file",LOGLEVEL_DEBUG);
unset($tpl);
......@@ -879,14 +883,36 @@ class apache2_plugin {
if($data["new"]["stats_type"] == 'awstats' && $data["new"]["type"] == "vhost") {
$this->awstats_update($data,$web_config);
}
if($web_config['check_apache_config'] == 'y') {
//* Test if apache starts with the new configuration file
$apache_online_status_before_restart = $this->_checkTcp('localhost',80);
$app->log("Apache status is: ".$apache_online_status_before_restart,LOGLEVEL_DEBUG);
if($apache_chrooted) {
$app->services->restartServiceDelayed('httpd','restart');
$app->services->restartService('httpd','restart');
//* Check if apache restarted successfully if it was online before
$apache_online_status_after_restart = $this->_checkTcp('localhost',80);
$app->log("Apache online status after restart is: ".$apache_online_status_after_restart,LOGLEVEL_DEBUG);
if($apache_online_status_before_restart && !$apache_online_status_after_restart) {
$app->log("Apache did not restart after the configuration change for website ".$data["new"]["domain"].' Reverting the configuration. Saved not working config as '.$vhost_file.'.err',LOGLEVEL_WARN);
copy($vhost_file,$vhost_file.'.err');
copy($vhost_file.'~',$vhost_file);
$app->services->restartService('httpd','restart');
}
} else {
// request a httpd reload when all records have been processed
$app->services->restartServiceDelayed('httpd','reload');
//* We do not check the apache config after changes (is faster)
if($apache_chrooted) {
$app->services->restartServiceDelayed('httpd','restart');
} else {
// request a httpd reload when all records have been processed
$app->services->restartServiceDelayed('httpd','reload');
}
}
// Remove the backup copy of the config file.
unlink($vhost_file.'~');
//* Unset action to clean it for next processed vhost.
$this->action = '';
......@@ -1283,6 +1309,18 @@ class apache2_plugin {
$app->log("exec: ".$command,LOGLEVEL_DEBUG);
exec($command);
}
private function _checkTcp ($host,$port) {
$fp = @fsockopen ($host, $port, $errno, $errstr, 2);
if ($fp) {
fclose($fp);
return true;
} else {
return false;
}
}
} // end class
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment